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I.  Highlights  of  the  Accomplishments 


(i)  Developed  a  multi-faceted,  unique  Cyberspace  Research  Laboratory  (CRL) 
at  Louisiana  Tech  University  to  provide  state  of  the  art  full-fledged  support 
in  cyber  security  research  and  experimentation. 


CRL  consists  of  several  unique  facilities  that  include  virtualization,  visualization, 
networking,  micro-aerial  vehicle  and  sensor  networks  (MAVSeN),  and  FPGA  laboratories. 
The  Virtualization  facility  supports  up  to  400  virtual  machines,  is  configurable  to  on- 
demand  requirements,  and  can  simulate  various  virtualized  environments.  The 
visualization  facility  offers  the  ability  to  render  large  and  complex  datasets  and  visualize 
them  on  a  high  resolution  tiled  display.  The  networking  laboratory  offers  a  variety  of  Cisco 
equipment  for  testing  with  different  types  of  networks.  The  MAVSeN  laboratory 
is  equipped  with  MAVS  with  wireless  sensor  nodes,  uses  Vicon-based  motion  capture 
system  as  an  indoor  GPS-like  navigation  tool  and  includes  gesture-based  sensing  and 
control. 


(ii)  Yielded  several  significant  research  outcomes  with  the  support  of  the 
Cyberspace  Research  Laboratory. 

A  summary  of  the  key  accomplishments  are  presented  below. 

(a]  Developed  the  first  non-interactive  dual  channel 
protocol  for  continuous  authentication  that  does  not 
require  users'  explicit  participation.  A  brief  piece  of 
information  sent  through  a  narrow  band  authenticated 
channel  is  used  to  authenticate  information  sent  over  a 
broad  band  insecure  channel.  Non-interactive  nature  of 
the  protocol  ensures  that  the  protocol-communications 
are  unidirectional  and  the  work-load  at  the  server  end  is 
not  overwhelmed.  Realized  the  protocol  for  an  example  application  of  preventing 
information  exfiltration  through  continuous  traffic  authentication.  Experiments  with 
continuous  traffic  authentication  show  that,  the  30  day  daily  average  of  false  reject 
rate  for  all  legitimate  requests  is  2.4%  and  the  false  accept  rate  for  malicious  traffic 
requests  is  0%  [1]. 


[b)  Developed  algorithms  for  the  navigation 
of  Unmanned  Ground  Vehicles  (UGVs)  towards  a 
set  of  pre-identified  target  nodes  in  coordinate- 
free  and  localization  free  wireless  sensor  and 
actuator  networks  [2].  The  UGVs  are  equipped 
with  a  set  of  wireless  listeners  that  provide  sensing 
information  about  the  potential  field  generated  by 
the  network  of  actuators.  Two  main  navigation 
scenarios  are  considered:  single-UGV,  single¬ 
destination  navigation  and  multi-UGV,  multi-destination  navigation.  For  the  single- 
UGV,  single-destination  case,  we  present  both  centralized  and  distributed  navigation 
algorithms.  Both  algorithms  share  a  similar  two-phase  concept.  In  the  first  phase, 
the  system  assigns  level  numbers  to  individual  nodes  based  on  their  hop  distance 
from  the  target  nodes.  In  the  second  phase,  the  UGV  uses  the  potential  field  created 
by  the  network  of  actuators  to  move  towards  the  target  nodes,  requiring 
cooperation  between  triplets  of  actuator  nodes  and  the  UGV.  The  hop  distance  to  the 
target  nodes  is  used  to  control  the  main  moving  direction  while  the  potential  field, 
which  can  be  measured  by  listeners  on  the  UGV,  is  used  to  determine  the  UGV's 
movement.  For  the  multi-UGV,  multi-destination  case,  we  present  a  decentralized 
allocation  algorithm  such  that  multiple  UGVs  avoid  converging  to  the  same 
destination.  After  each  UGV  determines  its  destination,  the  proposed  navigation 
scheme  is  applied.  The  presented  algorithms  do  not  attempt  to  localize  UGVs  or 
sensor  nodes  and  are  therefore  suitable  for  operating  in  GPS-free/denied 
environments. 


(c)  Developed  keystroke  based  spoof- 
resistant  robust  authentication 
solution  with  extensive  analysis  of 
possible  attack  vectors.  Two  major 
attacks  that  we  study  include  Snoop- 
Forge-Replay  attacks  that  are  launched 
using  stolen  keystroke  timings  [4]  and 
statistical  attacks  that  are  designed  using 
population  statistics  [3].  Both  attacks 
are  shown  to  have  high  success  rates. 
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Cognitive  and  demographic  analysis  of  keystroke  timings  are  used  to  defeat  these 
attacks. 


(d]  Developed  a  user  interest  based  model  and 
community  extraction  methodology  using  that  model  to 
identify  ad  hoc  user  communities  such  as  group  of  actors 
with  shared  malicious  intent.  Attained  accuracy  in  community 
detection  ranged  between  70%  to  98%  for  data  obtained  from 
CiteULike  [5]. 


(e]  Developed  randomized  methodologies  and  techniques  for  reducing  feature 
dimensionality  of  computer  programs  for  faster  detection  of  malicious 
applications.  Achieved  as  much  as  a  4%  increase  in  prediction  performance  and  a 
five-fold  decrease  in  processing  time  [6]. 


II.  Technology  Transfers 


•  Keystroke  based  user  identification  solution  has  been  transferred  to  US  Air  Force 
through  industrial  partner  Assured  Information  Systems  [AIS). 

Sponsor:  AFRL 

•  Transition  of  keystroke  based  Active  Authentication  solution  is  underway  through 
industrial  partner  Aegis  Research  Lab. 

Sponsor:  DARPA 
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